Merge changes from topic "sb/contribution-guidelines" into integration

* changes: doc: Mention the TF-A Tech Forum as a way to contact developers doc: Emphasize that security issues must not be reported as normal bugs

Merge changes from topic "sb/contribution-guidelines" into integration
* changes: doc: Mention the TF-A Tech Forum as a way to contact developers doc: Emphasize that security issues must not be reported as normal bugs
fe6a3d1a · Mark Dykes · TrustedFirmware Code Review · 8cbccbdc · 155eac29 · fe6a3d1a
Commit fe6a3d1a authored Aug 14, 2020 by Mark Dykes Committed by TrustedFirmware Code Review Aug 14, 2020
--- a/docs/about/contact.rst
+++ b/docs/about/contact.rst
@@ -24,6 +24,15 @@ The relevant lists for the TF-A project are:
 You can see a `summary of all the lists`_ on the TrustedFirmware.org website.
+Open Tech Forum Call
+^^^^^^^^^^^^^^^^^^^^
+Every other week, we organize a call with all interested TF-A contributors.
+Anyone is welcome to join. This is an opportunity to discuss any technical
+topic within the community. More details can be found `here`_.
+.. _here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
 Issue Tracker
 ^^^^^^^^^^^^^

--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -20,13 +20,15 @@ Found a Security Issue?
 Although we try to keep TF-A secure, we can only do so with the help of the
 community of developers and security researchers.
-If you think you have found a security vulnerability, please **do not** report
+.. warning::
-it in the `issue tracker`_ or on the `mailing list`_. Instead, please follow the
+   If you think you have found a security vulnerability, please **do not**
-`TrustedFirmware.org security incident process`_. One of the goals of this
+   report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
-process is to ensure providers of products that use TF-A have a chance to
+   follow the `TrustedFirmware.org security incident process`_.
-consider the implications of the vulnerability and its remedy before it is made
-public. As such, please follow the disclosure plan outlined in the process. We
+One of the goals of this process is to ensure providers of products that use
-do our best to respond and fix any issues quickly.
+TF-A have a chance to consider the implications of the vulnerability and its
+remedy before it is made public. As such, please follow the disclosure plan
+outlined in the process. We do our best to respond and fix any issues quickly.
 Afterwards, we encourage you to write-up your findings about the TF-A source
 code.